Phishing e-mail targets local Internet banking users
19th May 2005 (The Star)
PETALING JAYA: A bogus e-mail phishing for Internet banking usernames and passwords is in circulation, warns the Malaysian Computer Emergency Response Team (MyCERT).
MyCERT said yesterday it had received several reports of the "suspicious" e-mail from Internet users.
An analysis of the e-mail "indicates it is phishing email," it said.
The e-mail requests recipients who are users of Internet banking services from Hong Leong Bank, AmBank, Bumiputera Commerce Bank and Alliance Bank to "verify their e-mail address" by clicking on the appropriate link among four attached in the body of the email.
Once clicked on, the links redirect users to a phishing site with a pop-up window that requests for the username and password of their Internet banking account.
MyCERT said the phishing sites are believed to be hosted on a single machine located in Russia.
It also urged Internet users to delete the e-mail immediately if they receive it.
Following is the text of the e-mail:
Subject: Hong Leong/Bumiputra Commerce/AmBank Group/Alliance Bank
Dear Hong Leong/Bumiputra Commerce/AmBank Group/Alliance Bank Member,This email was sent by the Bank server to verify your e-mail address.
You must complete this process by clicking on the link below and entering in the small window your Hong Leong/Bumiputra Commerce/AmBank Group/Alliance Bank online access details.
This is done for your protection - because some of our members no longer have access to their email addresses and we must verify it.
To verify your e-mail address and access your account, click on the link below:
If You Have Hong Leong Bank Account: http://www.hlb.com.my/Y83fyKAxkpo6h2fc9nij
If You Have Alliance Bank Account:http://www.alliancebank.com.my/euDs4yqktp3iz7c290ka
If You Have Bumiputra Commerce Bank Account:http://www.channel-e.com.my/QFW64yGxMF34526zv4
If You Have AmBank Group Account:http://www.ambg.com.my/qxKM1RujhH7t87j06o0u4